/*
 * Copyleft 2011 Power by Colen.
 *
 * Project: booking
 * Date: Jul 2, 2011
 */
package com.crm.business.web.auth.service.impl;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.log4j.Logger;

import com.app.platform.base.utils.EncryptUtil;
import com.crm.business.web.auth.service.LoginoutService;
import com.crm.common.exception.CrmBusinessException;
import com.crm.common.web.service.impl.WebCommonServiceImpl;

/**
 * login and logout service implementation
 *
 * @author Colen
 *
 */
public class LoginoutServiceImpl extends WebCommonServiceImpl implements
        LoginoutService {

    /** Logger */
    private static final Logger LOG = Logger.getLogger(LoginoutServiceImpl.class);


    @Override
    public void doAuthLogin(Map<String, Object> params) {
        String uid = (String) params.get("uid");
        Integer iuid = null;
        try {
            iuid = Integer.valueOf(uid);
        } catch (NumberFormatException nfe) {
            throw new CrmBusinessException("用户ID输入不正确！");
        }
        // get user info
        Map<String, Object> args = new HashMap<String, Object>();
        args.put("uid", iuid);
        List<Map<String, Object>> users = getCommonDao().namingQueryForList("sql_auth_getUserById", args);
        if (users == null || users.isEmpty()) {
            LOG.info("can not find user by userId = " + uid);
            throw new CrmBusinessException("对不起，您输入的用户不存在！");
        }

        Map<String, Object> user = users.get(0);

        String pwd = (String) params.get("password");
        String ePwd = EncryptUtil.toMd5(pwd);
        if (!ePwd.equals(user.get("password"))) {
            LOG.info("password not correct (" + pwd + ")");
            throw new CrmBusinessException("对不起，您输入的密码不正确！");
        }

        params.put("user", user);
    }

}
